From: Diesel <me@privacy.net>

Virus Guy <Virus@Guy.C0M> news:pnls75$5on$1@news.mixmin.net Sun, 16
Sep 2018 15:19:32 GMT in alt.comp.virus, wrote: 

> Windows 2k and XP were the most vulnerable NT-based operating
> systems to ever be put into use.  It's more accurate to say that
> they functioned primarily more as trojan-hosting systems than
> end-user productivity tools.  At least for XP, given that Win-2k
> use was far more limited than XP. 

Ehm. You're still spewing complete horse #### as factual information. 
Win2k and XP are by far, not the most insecure flavors of NT to 
exist. You're writing from your arsehole concerning subject matter 
you barely understand. We've been over this, many many times before. 
Nothings changed since the last time you spewed your nonsense.
 
> The truth is that Win-9x/me has alway been harder to break into
> from a remote access point vs the NT line (2k/XP etc).

Actually, no, it hasn't. By default, as in out of the box, netbios 
was bound to your tcp/ip stack. Which made remote drive mapping a 
very friendly prospect if you weren't behind a 3rd party firewall.

> "internet survival time" was coined as a way to measure how long
> it would take for fresh install of win-2k or XP-SP0/1 to be hacked
> by a worm when the computer was directly connected to the internet
> for the first time (with no firewall or nat-router).

That's not a fair or reasonably sound test, either. It had visible 
ports with buggy server side software listening. With a firewall, 
those ports wouldn't be available to the outside world unless you 
made firewall rules stating they should be. If you intentionally 
cripple your defenses by limiting and/or disabling them, then you 
deserve to be 0wned.

> Typically, back in 2001 to 2004 your win-2k or XP system with a
> fresh install would be hacked in 10 to 20 minutes - with no user
> intervention or action required!

That wasn't a set in stone deal. And, only an idiot would surf the 
net on a windows (any windows) system in the dmz and/or with a 
disabled firewall. It's a stupid thing to be doing. Btw, your win9x 
machines without a firewall were (and still are) vulnerable to a 
variety of tcp/ip based exploits. A firewall is your friend.


> In fact, unless you were behind a nat-router (which was a new 
> concept for residential DSL connections back 10+ years ago) you had 
> a hard time performing your first on-line update before your system 
> was hit by a network worm. 
 
Bull####. Zone alarm, tinyfirewall, etc would have kept you safe in 
the event you weren't behind a nat based firewall. I don't know where 
your getting your figures from, but, DSL/cable with firewalls have 
been common place for a bit more than a decade now. Atleast in this 
area. Perhaps if you live in a very rural place, it took longer...

You write as if the world would end the moment you plugged a cable 
into an XP machine to give it internet access and that's just not so 
in real life.

> Posted to various XP newsgroups in April 2014:

And it was just as wrong then, too. It's no secret that for whatever 
crazy misinformed reason you think windows 9x is far more secure than 
the later NT editions, but, it doesn't make it so. It just shows that 
you're a paranoid and extremely misinformed individual.
 
> When MS stopped supporting Win-98 in July 2006, there was a grand
> total of 33 security issues that had been identified during it's
> 7-year lifespan:

> The "security" concept that is frequently mentioned with 9x vs NT
> is the idea of being able to control what the local user can do
> with the system, and it is true that the local user sitting at the
> 9x/me keyboard has access to the entire system (all files,
> registry, etc). 

Not just the user, but any/every single program the user runs. 
There's nothing on a windows 9x system to compartmentalize damage or 
restrict where and what a program you ran has access too. Nothing 
stops it from accessing any file on your hard disk it likes. There's 
no permissions, no security, nothing. A simple virus written in the 
late 90s/early 00s can *easily* take your entire machine within 
minutes. You have NO SECURITY features on your OS which would even 
slow the process down. What's more, your OS doesn't have to emulate 
the code, it can run it real; which allows full functionality and 
minimal risk of a code crash. Where as with NT based systems, it's 
emulated and the risk of failure is higher. 

That's not even including the security permissions that could 
restrict and/or limit what the virus can access and how deep it can 
get into your machine as far as infections goes. 

I've offered you a sample to play with and get owned by on more than 
one occasion, but, you've yet to put your money where your mouth is 
and put windows 9x 'security' to the test with something that *will* 
take it from you.
 
> But in terms of internet security and exposing a system to remote
> exploit code, the NT line fell far short of being as invulnerable
> to such exploit paths as 9x/me was, and the Secunia numbers posted
> above are perfect examples of that.

No, they aren't. Many of those exploits came via browser surfing with 
IE and users doing stupid things, just as they did with Windows 9x. 
The only exception being, on NT, the malware they just installed 
isn't actually everywhere on the NT machine; it has restricted 
access. Where as with the windows 9x system, even the mbr is up for 
grabs and modification. Total, 0wnage before windows 9x even boots, 
if one wants to go that route.
 
I know that nothing I or anyone else writes is ever going to change 
your opinion, and, I don't much care. I don't respond to you 
expecting you to realize you're wrong, it's for the benefit of anyone 
who's read your logical on the surface (but still inaccurate results) 
rants concerning the so called superior security windows 9x offers 
over NT.

There's something else about windows 9x I've never seen you mention. 
You either don't run into the problem because your machines don't run 
24/7, or you have, and have just learned to deal with it. After so 
many days, windows 9x (me included) has to be hard reset. It cannot 
run for say, 90 days at one time. NT systems can. I believe around 
the 42, 43rd or so day, the systems resources are depleted (due to 
memory leaks) and a reset has to be performed to regain use of the 
machine. I know this because I've seen it, many times, first hand. 
And, it's a documented issue with microsoft, too. It's actually quite 
known amongst repair tech circles. It's why windows 9x makes for a 
horrible host for an FTP server. It was never fixed, it'll never be 
fixed. It was present since windows 3x and carried all the way to 
Windows ME.

Another thing you probably don't know about the windows code base 
iterations. Everything that isn't NT based still had actual DOS/early 
windows 3.x native code present in their executables and libraries. 
Yep, you read that correctly. MS recycled and recycled and recycled.

Windows 9x is still, to this day, a glorified (using an MS version of 
time slicing to give you the false impression of multi tasking) shell 
riding on top of, in lieu of (as is the case with NT based systems) 
DOS. It's a shell. An advanced shell, but a shell non the less. 
Windows ME tried to hide the fact it was still DOS based by making it 
more difficult to reach a command prompt on startup. Flipping a 
couple of bytes in IO.SYS would cause it to act like Windows 9x 
again; which it was based on, and did so poorly, MS pulled it from 
the sales distribution channels three months after it's release.

If you'd like to discuss operating system history in greater detail 
sometime, lemme know. It's a subject that's always interested me. 
Primarily because I've watched the systems change throughout the 
years... When you've been doing I.T professionally for as long as I 
have (and many like me), it's not history so much as it's a trip down 
memory lane for us.

-- 
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit here:
https://tekrider.net/pages/david-brooks-stalk...
===================================================
Death is God's way of dropping carrier.
--- NewsGate v1.0 gamma 2
 * Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)